<?xml version="1.0" encoding="utf-8" ?>
<!-- #INCLUDE FILE="inc/initDb.inc" -->
<!-- #INCLUDE FILE="inc/Common.asp" -->
<!-- #INCLUDE FILE="inc/RSSCommon.asp" -->
<%
    Response.Clear
    Response.ContentType = "text/xml"

    Dim JobTitle, JobCode, JobCat, sqlParam, SearchCriteria, workLocation
    '------------------------------------------------------------------------------------------------------------------------
    'Init Parameters from the form ------------------------------------------------------------------------------------------
    '------------------------------------------------------------------------------------------------------------------------
    JobTitle = Request.Item("tbJobTitle")
    JobCode = Request.Item("tbJobCode")
    JobCat = Request.Item("ddlJobCat")
    WorkLocation = Request.Item("ddlWorkLocation")
    EmploymentType = Request.Item("ddlEmployNature")    'Perm Temp Contract

    If JobTitle = "" and JobCode = "" and JobCat = "" and WorkLocation = "" and EmploymentType = "" Then
        Response.Redirect("Candidates_search.asp")
    End If

    '------------------------------------------------------------------------------------------------------------------------
    'Create the SQL Statements ----------------------------------------------------------------------------------------------
    '------------------------------------------------------------------------------------------------------------------------
    sql = "SELECT TOP 50 * FROM JOB_ADVERTISEMENT WHERE 1=1 AND BRANCH <> 'JP' "
    Set cmd = Server.CreateObject("ADODB.Command")

    If JobCat <> "" Then
        sql = sql & " AND JOB_CAT_CODE = ?"
        set sqlParam = cmd.CreateParameter(, 129, , 4, JobCat)
        cmd.Parameters.Append sqlParam
        SearchCriteria = SearchCriteria & GetJobCatName(JobCat)
    End If

    If JobTitle <> "" Then
        sql = sql & " AND JOB_ADV_TITLE LIKE ?"
        set sqlParam = cmd.CreateParameter(, 200, , 60, "%" & JobTitle & "%")
        cmd.Parameters.Append sqlParam

        if SearchCriteria <> "" Then
            SearchCriteria = SearchCriteria & ", " & JobTitle
        Else
            SearchCriteria = SearchCriteria & JobTitle
        End If

    End If

    If JobCode <> "" Then
        sql = sql & " AND JOB_ADV_CODE = ?"
        set sqlParam = cmd.CreateParameter(, 200, , 12, JobCode)
        cmd.Parameters.Append sqlParam

        if SearchCriteria <> "" Then
            SearchCriteria = SearchCriteria & ", " & JobCode
        Else
            SearchCriteria = SearchCriteria & JobCode
        End If
    End If

    If EmploymentType <> "" Then
        sql = sql & " AND SERVICE_TYPE LIKE ?"
        set sqlParam = cmd.CreateParameter(, 200, , 30, "%" & EmploymentType & "%")
        cmd.Parameters.Append sqlParam

        if SearchCriteria <> "" Then
            SearchCriteria = SearchCriteria & ", " & EmploymentType
        Else
            SearchCriteria = SearchCriteria & EmploymentType
        End If
    End If

    If WorkLocation <> "" Then
        sql = sql & " AND WORK_LOCATION LIKE ?"
        set sqlParam = cmd.CreateParameter(, 200, , 30, "%" & WorkLocation & "%")
        cmd.Parameters.Append sqlParam

        if SearchCriteria <> "" Then
            SearchCriteria = SearchCriteria & ", " & WorkLocation
        Else
            SearchCriteria = SearchCriteria & WorkLocation
        End If
    End If

    sql = sql & " AND CURRENT_TIMESTAMP >= POSTING_DATE"
    sql = sql & " AND CLOSING_DATE >= POSTING_DATE"
    sql = sql & " AND CLOSING_DATE >= CURRENT_TIMESTAMP"

    sql = sql & " ORDER BY POSTING_DATE DESC"

    '------------------------------------------------------------------------------------------------------------------------
    'Executing the SQL Statements using params (?) to prevent SQL Injection -------------------------------------------------
    '------------------------------------------------------------------------------------------------------------------------
    SqlConn.Open
    cmd.ActiveConnection = SqlConn
    cmd.CommandText = sql

    Set rs = Server.CreateObject("ADODB.RecordSet")
    rs.Open cmd, , 3

%>
<rss version="2.0">
  <channel>
    <title>
      Adecco Job Search Results (RSS) for: <%=Server.HTMLEncode(SearchCriteria) %>
    </title>
    <link>http://www.adecco.com.sg</link>
    <description>
        Adecco Job Search Results for: <%=SearchCriteria %>
    </description>
    <language>en</language>
    <copyright>2009 Adecco. All Rights Reserved</copyright>
    <image>
      <title>Adecco Singapore Job Search Result RSS Feed</title>
      <url>http://www.adecco-asia.com/Singapore/asset/images/adeccoLogo.png</url>
      <link>http://www.adecco.com.sg</link>
    </image>

    <%
        If rs.RecordCount = 0 Then
    %>
        <item>
            <title>No Jobs Found</title>
            <link>http://www.adecco-asia.com/singapore/candidates_search.asp</link>
            <description>Click <%=Server.HTMLEncode("<a href='http://www.adecco-asia.com/singapore/candidates_search.asp'>here</a>") %> to find for more jobs</description>
        </item>
    <%
        End If
    %>

    <%
        Do While NOT rs.BOF and NOT rs.EOF
    %>
            <item>
                <title><%=server.HTMLEncode(rs("JOB_ADV_TITLE") & " (" & rs("SERVICE_TYPE") & ")")%></title>
                <link>Candidates_JobDetails.asp?jobID=<%=server.HTMLEncode(rs("JOB_ADV_CODE")) %></link>
                <description><%=server.HTMLEncode(cSubString(rs("JOB_ADV_DESC"), rs("JOB_ADV_CODE")))%></description>
                <category><%=server.HTMLEncode(rs("SERVICE_TYPE")) %></category>
                <pubDate><%=return_RFC822_Date(rs("POSTING_DATE"), "GMT")%></pubDate>
            </item>
    <%
            rs.movenext
        Loop
    %>
  </channel>
</rss>